{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,5]],"date-time":"2026-02-05T06:10:55Z","timestamp":1770271855122,"version":"3.49.0"},"reference-count":69,"publisher":"MIS Quarterly","issue":"1","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025,3,1]]},"abstract":"<jats:p>A widely accepted notion in cybersecurity practice and research posits that complexity is detrimental to cybersecurity. While this notion mainly focuses on IT, the prevalence of complexity extends beyond IT into organizational domains. Whether the assertion that complexity is detrimental to cybersecurity holds true when applied to organizational domains remains largely unexplored. Moreover, \u201ccomplexity\u201d and \u201ccomplicatedness\u201d are often used interchangeably to refer to a large number of interconnected components. We build on complexity science to distinguish the two terms: complexity arises from ad hoc, nonlinear interactions among interconnected components, whereas complicatedness arises from structured, linear interactions. The field lacks sufficient understanding of these distinctions and their implications for cybersecurity risks and mitigations. We theorize how an organization\u2019s complicatedness and complexity in both IT and organizational domains influence cybersecurity breaches. Our context of empirical inquiry is multihospital systems (MHSs), a complex organizational form that uses IT in complex ways. Drawing on complexity science, we posit that complicatedness in medical services, health IT, and the governance arrangements of an MHS increases cybersecurity breaches. We also posit that using enterprise-wide data analytics platforms (EWDAPs) to structure and control ad hoc information sharing practices of the complicated units can reduce breaches despite adding more technology components and dependencies to enterprise IT. We tested these ideas in a sample of 445 MHSs in the U.S. spanning from 2009 to 2017. Complicatedness in medical services, health IT, and governance stands out as the primary contributor to cybersecurity breaches in MHSs. Ad hoc, nonlinear interactions contribute to complexity and exacerbate the cybersecurity breach effects of complicatedness. In contrast, structured interactions, exemplified by patient data sharing through an EWDAP, achieve simplification and mitigate the cybersecurity breaches associated with complicatedness.<\/jats:p>","DOI":"10.25300\/misq\/2024\/17752","type":"journal-article","created":{"date-parts":[[2024,8,7]],"date-time":"2024-08-07T15:42:31Z","timestamp":1723045351000},"page":"243-274","source":"Crossref","is-referenced-by-count":3,"title":["Taming Complexity in the Cybersecurity of Multihospital Systems: The Role of Enterprise-wide Data Analytics Platforms"],"prefix":"10.25300","volume":"49","author":[{"given":"H\u00fcseyin","family":"Tanriverdi","sequence":"first","affiliation":[{"name":"McCombs School of Business, University of Texas at Austin Austin, TX, U.S.A."}]},{"given":"Juhee","family":"Kwon","sequence":"additional","affiliation":[{"name":"Department of Information Systems, College of Business, City University of Hong Kong, Hong Kong SAR, China"}]},{"given":"Ghiyoung","family":"Im","sequence":"additional","affiliation":[{"name":"College of Business, University of Louisville, Louisville, KY, U.S.A."}]}],"member":"10933","published-online":{"date-parts":[[2025,3,1]]},"reference":[{"issue":"3","key":"2025082211023822300_b1-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"228","DOI":"10.1097\/00004010-200307000-00004","article-title":"Governance forms in health systems and health networks","volume":"28","author":"Alexander","year":"2003","journal-title":"Health Care Management Review"},{"key":"2025082211023822300_b2-09_ra_10_25300_misq_2024_17752","unstructured":"American Hospital Association\n          . (2023). Fast facts on U.S. Hospitals, 2023. https:\/\/www.aha.org\/statistics\/fast-facts-us-hospitals."},{"issue":"3","key":"2025082211023822300_b3-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"crossref","first-page":"893","DOI":"10.25300\/MISQ\/2017\/41.3.10","article-title":"When do IT security investments matter? Accounting for the influence of institutional factors in the context of healthcare data breaches","volume":"41","author":"Angst","year":"2017","journal-title":"MIS Quarterly"},{"issue":"3","key":"2025082211023822300_b4-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"849","DOI":"10.1287\/isre.1110.0408","article-title":"Information, technology, and information worker productivity","volume":"23","author":"Aral","year":"2012","journal-title":"Information Systems Research"},{"issue":"2","key":"2025082211023822300_b5-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"277","DOI":"10.2307\/2297968","article-title":"Some tests of specification for panel dat: Monte-Carlo evidence and an application to employment equations","volume":"58","author":"Arellano","year":"1991","journal-title":"Review of Economic Studies"},{"issue":"1","key":"2025082211023822300_b6-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"29","DOI":"10.1016\/0304-4076(94)01642-d","article-title":"Another look at the instrumental variable estimation of error-components models","volume":"68","author":"Arellano","year":"1995","journal-title":"Journal of Econometrics"},{"issue":"4","key":"2025082211023822300_b7-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"1147","DOI":"10.1287\/isre.2013.0481","article-title":"Business value of information technology: Testing the interaction effect of IT and R&D on Tobin\u2019s q","volume":"24","author":"Bardhan","year":"2013","journal-title":"Information Systems Research"},{"issue":"1","key":"2025082211023822300_b8-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1145\/3184444.3184448","article-title":"Integration of information systems and cybersecurity countermeasures: An exposure to risk perspective","volume":"49","author":"Baskerville","year":"2018","journal-title":"The Database for Advances in Information Systems"},{"key":"2025082211023822300_b9-09_ra_10_25300_misq_2024_17752","first-page":"234","article-title":"The financial performance of hospitals belonging to health networks and systems","author":"Bazzoli","year":"2000","journal-title":"Inquiry"},{"issue":"6","key":"2025082211023822300_b10-09_ra_10_25300_misq_2024_17752","first-page":"1683","article-title":"A taxonomy of health networks and systems: Bringing order out of chaos","volume":"33","author":"Bazzoli","year":"1999","journal-title":"Health Services Research"},{"issue":"10","key":"2025082211023822300_b11-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"2543","DOI":"10.1287\/mnsc.2014.1934","article-title":"Electronic medical records and physician productivity: Evidence from panel data analysis","volume":"60","author":"Bhargava","year":"2014","journal-title":"Management Science"},{"issue":"1","key":"2025082211023822300_b12-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"115","DOI":"10.1016\/s0304-4076(98)00009-8","article-title":"Initial conditions and moment restrictions in dynamic panel data models","volume":"87","author":"Blundell","year":"1998","journal-title":"Journal of Econometrics"},{"key":"2025082211023822300_b13-09_ra_10_25300_misq_2024_17752","volume-title":"Complexity and postmodernism: Understanding complex systems","author":"Cilliers","year":"1998"},{"key":"2025082211023822300_b14-09_ra_10_25300_misq_2024_17752","volume-title":"Handling the wicked issues: A challenge for government","author":"Clarke","year":"1997"},{"issue":"2","key":"2025082211023822300_b15-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"161","DOI":"10.2308\/isys-50913","article-title":"Addressing the control challenges of the enterprise architecture process","volume":"29","author":"Cram","year":"2015","journal-title":"Journal of Information Systems"},{"issue":"2","key":"2025082211023822300_b16-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"189","DOI":"10.1007\/s10111-011-0211-6","article-title":"Complicated, complex, and compliant: Best practice in obstetrics","volume":"15","author":"Dekker","year":"2013","journal-title":"Cognition, Technology & Work"},{"issue":"4","key":"2025082211023822300_b17-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"829","DOI":"10.1287\/isre.2015.0604","article-title":"Parenting new acquisitions: Acquirers\u2019 digital resource redeployment and targets\u2019 performance improvement in the us hospital industry","volume":"26","author":"Du","year":"2015","journal-title":"Information Systems Research"},{"issue":"4","key":"2025082211023822300_b18-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"1425","DOI":"10.25300\/misq\/2022\/16764","article-title":"Does IT enable collusion or competition: Examining the effects of IT on service pricing in multimarket multihospital systems","volume":"47","author":"Du","year":"2023","journal-title":"MIS Quarterly"},{"key":"2025082211023822300_b19-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"crossref","first-page":"90","DOI":"10.1016\/j.cose.2014.03.004","article-title":"Information security knowledge sharing in organizations: Investigating the effect of behavioral information security governance and national culture","volume":"43","author":"Flores","year":"2014","journal-title":"Computers & Security"},{"key":"2025082211023822300_b20-09_ra_10_25300_misq_2024_17752","volume-title":"Multivariate data analysis","author":"Hair","year":"2006","edition":"6th"},{"issue":"4","key":"2025082211023822300_b21-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"1029","DOI":"10.2307\/1912775","article-title":"Large sample properties of generalized-method of moments estimators","volume":"50","author":"Hansen","year":"1982","journal-title":"Econometrica"},{"key":"2025082211023822300_b22-09_ra_10_25300_misq_2024_17752","volume-title":"GAIT for IT general control deficiency assessment: An approach for evaluating ITGC deficiencies in Sarbanes-Oxley Section 404 assessments of internal controls over financial reporting","author":"IIA","year":"2008"},{"key":"2025082211023822300_b23-09_ra_10_25300_misq_2024_17752","volume-title":"Global technology audit guide (GTAG) 8: Auditing application controls","author":"IIA","year":"2009"},{"key":"2025082211023822300_b24-09_ra_10_25300_misq_2024_17752","volume-title":"Global technology audit guide (GTAG) 1: Information technology controls","author":"IIA","year":"2012","edition":"2nd"},{"key":"2025082211023822300_b25-09_ra_10_25300_misq_2024_17752","article-title":"IT control objectives for Sarbanes-Oxley: The role of IT in the design and implementation of internal control over financial reporting","author":"ITGI","year":"2006","journal-title":"IT Governance Institute"},{"key":"2025082211023822300_b26-09_ra_10_25300_misq_2024_17752","volume-title":"COBIT 4.1","author":"ITGI","year":"2007"},{"issue":"4","key":"2025082211023822300_b27-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"503","DOI":"10.2307\/2555742","article-title":"Rank, stock, order, and epidemic effects in the diffusion of new process technologies - an empirical-model","volume":"24","author":"Karshenas","year":"1993","journal-title":"Rand Journal of Economics"},{"issue":"4","key":"2025082211023822300_b28-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"crossref","first-page":"1184","DOI":"10.1287\/isre.2019.0858","article-title":"How do ehrs and a meaningful use initiative affect breaches of patient information?","volume":"30","author":"Kim","year":"2019","journal-title":"Information Systems Research"},{"key":"2025082211023822300_b29-09_ra_10_25300_misq_2024_17752","article-title":"Information sharing in complex systems: A case study on public safety management","author":"Kozuch","year":"2015"},{"key":"2025082211023822300_b30-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"crossref","DOI":"10.4324\/9781003197454","volume-title":"Managing complexity in healthcare","author":"Kuhn","year":"2022"},{"issue":"2","key":"2025082211023822300_b31-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"41","DOI":"10.2753\/mis0742-1222300202","article-title":"Health-care security strategies for data protection and regulatory compliance","volume":"30","author":"Kwon","year":"2013","journal-title":"Journal of Management Information Systems"},{"issue":"2","key":"2025082211023822300_b32-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"451","DOI":"10.25300\/misq\/2014\/38.2.06","article-title":"Proactive versus reactive security investments in the healthcare sector","volume":"38","author":"Kwon","year":"2014","journal-title":"MIS Quarterly"},{"issue":"4","key":"2025082211023822300_b33-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"1043","DOI":"10.25300\/MISQ\/2018\/13580","article-title":"Meaningful healthcare security: Does \u201cmeaningful-use\u201d attestation improve information security performance?","volume":"42","author":"Kwon","year":"2018","journal-title":"MIS Quarterly"},{"issue":"1","key":"2025082211023822300_b34-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"crossref","first-page":"179","DOI":"10.2307\/41410413","article-title":"The consequences of information technology control weaknesses on management information systems: The case of Sarbanes-Oxley internal control reports","volume":"36","author":"Li","year":"2012","journal-title":"MIS Quarterly"},{"key":"2025082211023822300_b35-09_ra_10_25300_misq_2024_17752","article-title":"The changing tides of investments and strategies and their impacts on security breaches","author":"Li","year":"2019"},{"issue":"1","key":"2025082211023822300_b36-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"222","DOI":"10.1080\/07421222.2021.1870390","article-title":"The roles of IT strategies and security investments in reducing organizational security breaches","volume":"38","author":"Li","year":"2021","journal-title":"Journal of Management Information Systems"},{"key":"2025082211023822300_b37-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","DOI":"10.25300\/MISQ\/2023\/17703","article-title":"How mergers and acquisitions increase data breaches: A complexity perspective","author":"Liang","year":"2025","journal-title":"MIS Quarterly"},{"issue":"4","key":"2025082211023822300_b38-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"1842","DOI":"10.1287\/mnsc.2016.2695","article-title":"Does technology substitute for nurses? Staffing decisions in nursing homes","volume":"64","author":"Lu","year":"2018","journal-title":"Management Science"},{"issue":"5","key":"2025082211023822300_b39-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"1338","DOI":"10.1177\/0149206314563399","article-title":"A review of interorganizational collaboration dynamics","volume":"41","author":"Majchrzak","year":"2015","journal-title":"Journal of Management"},{"issue":"3","key":"2025082211023822300_b40-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"687","DOI":"10.25300\/misq\/2016\/40.3.08","article-title":"Senior executives\u2019 IT management responsibilities: Serious IT-related deficiencies and ceo\/cfo turnover","volume":"40","author":"Masli","year":"2016","journal-title":"MIS Quarterly"},{"issue":"3","key":"2025082211023822300_b41-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"crossref","first-page":"266","DOI":"10.1097\/00004010-200307000-00008","article-title":"Surprise, surprise, surprise! A complexity science view of the unexpected","volume":"28","author":"McDaniel","year":"2003","journal-title":"Health Care Management Review"},{"key":"2025082211023822300_b42-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"57","DOI":"10.1016\/j.dss.2018.02.007","article-title":"Cyber-analytics: Modeling factors associated with healthcare data breaches","volume":"108","author":"McLeod","year":"2018","journal-title":"Decision Support Systems"},{"issue":"7","key":"2025082211023822300_b43-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"1077","DOI":"10.1287\/mnsc.1090.1014","article-title":"Privacy protection and technology diffusion: The case of electronic medical records","volume":"55","author":"Miller","year":"2009","journal-title":"Management Science"},{"issue":"4","key":"2025082211023822300_b44-09_ra_10_25300_misq_2024_17752","first-page":"73","article-title":"Revisiting complexity in the digital age","volume":"55","author":"Mocker","year":"2014","journal-title":"MIT Sloan Management Review"},{"issue":"2","key":"2025082211023822300_b45-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"525","DOI":"10.25300\/misq\/2020\/13932","article-title":"When statistical significance is not enough: Investigating relevance, practical significance, and statistical significance","volume":"44","author":"Mohajeri","year":"2020","journal-title":"MIS Quarterly"},{"issue":"3","key":"2025082211023822300_b46-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"937","DOI":"10.25300\/MISQ\/2017\/41.3.12","article-title":"Unifying the role of IT in hyperturbulence and competitive advantage via a multilevel perspective of is strategy","volume":"41","author":"Nan","year":"2017","journal-title":"MIS Quarterly"},{"key":"2025082211023822300_b47-09_ra_10_25300_misq_2024_17752","volume-title":"Understanding complexity","author":"Page","year":"2009"},{"key":"2025082211023822300_b48-09_ra_10_25300_misq_2024_17752","unstructured":"PR Newswire\n          . (2014a). Community health network to create single source of truth with health catalyst\u2019s late-binding data warehouse and analytics platform. https:\/\/www.prnewswire.com\/news-releases\/community-health-network-to-create-single-source-of-truth-with-health-catalysts-late-binding-data-warehouse-and-analytics-platform-273731731.html"},{"key":"2025082211023822300_b49-09_ra_10_25300_misq_2024_17752","unstructured":"PR Newswire\n          . (2014b). Mission health to advance population health management with data warehouse and analytics platform. https:\/\/www.prnewswire.com\/news-releases\/mission-health-to-advance-population-health-management-with-data-warehouse-and-analytics-platform-262511911.html"},{"key":"2025082211023822300_b50-09_ra_10_25300_misq_2024_17752","unstructured":"Proofpoint\n          . (2023). 2023 Ponemon healthcare cybersecurity report. https:\/\/www.proofpoint.com\/us\/resources\/threat-reports\/ponemon-healthcare-cybersecurity-report"},{"issue":"2","key":"2025082211023822300_b51-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"117","DOI":"10.1287\/stsc.2020.0106","article-title":"Learning from digital failures? The effectiveness of firms\u2019 divestiture and management turnover responses to data breaches","volume":"5","author":"Say","year":"2020","journal-title":"Strategy Science"},{"key":"2025082211023822300_b52-09_ra_10_25300_misq_2024_17752","unstructured":"Schneier, B.\n           (1999). A plea for simplicity: You can\u2019t secure what you don\u2019t understand. Schneier on Security. https:\/\/www.schneier.com\/essays\/archives\/1999\/11\/a_plea_for_simplicit.html"},{"key":"2025082211023822300_b53-09_ra_10_25300_misq_2024_17752","unstructured":"Schneier, B.\n           (2000). Software complexity and security. Schneier on Security. https:\/\/www.schneier.com\/crypto-gram\/archives\/2000\/0315.html"},{"key":"2025082211023822300_b54-09_ra_10_25300_misq_2024_17752","volume-title":"Data and Goliath: The hidden battles to collect your data and control your world","author":"Schneier","year":"2015","edition":"1st"},{"key":"2025082211023822300_b55-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"537","DOI":"10.1016\/j.procs.2010.12.089","article-title":"Enterprise information security, a review of architectures and frameworks from interoperability perspective","volume":"3","author":"Shariati","year":"2011","journal-title":"Procedia Computer Science"},{"key":"2025082211023822300_b56-09_ra_10_25300_misq_2024_17752","volume-title":"Managing integrated health systems","author":"Shiver","year":"2016","edition":"1st"},{"key":"2025082211023822300_b57-09_ra_10_25300_misq_2024_17752","volume-title":"Remaking health care in america: Building organized delivery systems","author":"Shortell","year":"2000","edition":"2nd"},{"issue":"2","key":"2025082211023822300_b58-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"crossref","first-page":"215","DOI":"10.1016\/j.ijinfomgt.2015.11.009","article-title":"Information security management needs more holistic approach: A literature review","volume":"36","author":"Soomro","year":"2016","journal-title":"International Journal of Information Management"},{"key":"2025082211023822300_b59-09_ra_10_25300_misq_2024_17752","volume-title":"Testing for weak instruments in linear iv regression","author":"Stock","year":"2005"},{"issue":"4","key":"2025082211023822300_b60-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"518","DOI":"10.1198\/073500102288618658","article-title":"A survey of weak instruments and weak identification in generalized method of moments","volume":"20","author":"Stock","year":"2002","journal-title":"Journal of Business & Economic Statistics"},{"issue":"3","key":"2025082211023822300_b61-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"599","DOI":"10.1287\/isre.1110.0398","article-title":"The productivity of information technology investments: New evidence from IT labor data","volume":"23","author":"Tambe","year":"2012","journal-title":"Information Systems Research"},{"key":"2025082211023822300_b62-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"crossref","DOI":"10.2139\/ssrn.1992553","article-title":"Trinity Health: Exploiting a digital platform and a unified model to create value in merger, acquisition, and divestiture transactions","volume-title":"Working Paper #386","author":"Tanriverdi","year":"2011"},{"issue":"4","key":"2025082211023822300_b63-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"1573","DOI":"10.25300\/misq\/2020\/14223","article-title":"Corporate strategy changes and information technology control effectiveness in multibusiness firms","volume":"44","author":"Tanriverdi","year":"2020","journal-title":"MIS Quarterly"},{"key":"2025082211023822300_b64-09_ra_10_25300_misq_2024_17752","article-title":"Trinity Health: Using digitization, unification, and data analytics to tame the quality, cost, and accessibility problems of healthcare (Working paper #385)","author":"Tanriverdi","year":"2011","journal-title":"MIT Sloan Center for Information Systems Research"},{"key":"2025082211023822300_b65-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","first-page":"94","DOI":"10.1016\/j.infsof.2018.07.008","article-title":"Attack surface definitions: A systematic literature review","volume":"104","author":"Theisen","year":"2018","journal-title":"Information and Software Technology"},{"key":"2025082211023822300_b66-09_ra_10_25300_misq_2024_17752","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4842-5608-4","article-title":"Designing a HIPAA-compliant security operations center: A guide to detecting and responding to healthcare breaches and events","author":"Thompson","year":"2020","journal-title":"Apress"},{"key":"2025082211023822300_b67-09_ra_10_25300_misq_2024_17752","first-page":"46","article-title":"IT governance and organizational development for security management","volume-title":"Information security policies and practices","author":"Warkentin","year":"2008"},{"key":"2025082211023822300_b68-09_ra_10_25300_misq_2024_17752","volume-title":"Introductory econometrics: A modern approach","author":"Wooldridge","year":"2012","edition":"5th"},{"key":"2025082211023822300_b69-09_ra_10_25300_misq_2024_17752","article-title":"Does sharing make my data more insecure? An empirical study on health information exchange and data breaches","author":"Zhang","year":"2019"}],"container-title":["MIS Quarterly"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/misq.umn.edu\/misq\/article-pdf\/49\/1\/243\/1659\/09_ra_10.25300_misq_2024_17752.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/misq.umn.edu\/misq\/article-pdf\/49\/1\/243\/1659\/09_ra_10.25300_misq_2024_17752.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T15:02:52Z","timestamp":1755874972000},"score":1,"resource":{"primary":{"URL":"https:\/\/misq.umn.edu\/misq\/article\/49\/1\/243\/71\/Taming-Complexity-in-the-Cybersecurity-of"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,3,1]]},"references-count":69,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2025,3,1]]},"published-print":{"date-parts":[[2025,3,1]]}},"URL":"https:\/\/doi.org\/10.25300\/misq\/2024\/17752","relation":{},"ISSN":["0276-7783","2162-9730"],"issn-type":[{"value":"0276-7783","type":"print"},{"value":"2162-9730","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,3,1]]}}}